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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 
All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1 .31 3 and MPEP 1 308. 

1. £3 This communication is responsive to 2/7/2007 . 

2. The allowed claim(s) is/are 1.3-8. 10-22,24.25.27-33,48 and 49 . 

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a) □ All b) □ Some* c) □ None of the: 

1. □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 

6. □ DEPOSIT OF and/or INFORMATION about the deposit of BIOLOGICAL MATERIAL must be submitted. Note the 

attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 
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EXAMINER'S AMENDMENT 

1 . An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Ashok K. Mannava op 3/28/07. 

2. The application has been amended as follows: 
In claim 1 , the paragraph 

"a plurality of network bubbles, each network bubble having a plurality of bubble 
partitions, each bubble partition having at least one network device configured to 
transmit and receive data, and" 
has been changed to 

--a plurality of network bubbles, each network bubble having a plurality of bubble 
partitions, each bubble partition having at least one network device configured to 
transmit and receive data, and wherein each of the plurality of bubble partitions is 
connected to at least two network control point devices to achieve high availability in the 
case of a failed interface or network control point device;-- 

In claim 9, the paragraph 
"(Original)" 
has been changed to 
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--(Canceled)— 

In claim 17, the paragraph 

"a first and second network bubble, each network bubble having a distinct 
network security policy and a plurality of bubble partitions, each bubble partition having 
a plurality of network devices having unrestricted network access with each other and 
configured to transmit and receive data;" 
has been changed to 

-a first and second network bubble, each network bubble having a distinct 
network security policy and a plurality of bubble partitions, each bubble partition having 
a plurality of network devices having unrestricted network access with each other and 
configured to transmit and receive data, wherein each of the plurality of bubble 
partitions is connected to at least two network control point devices to achieve high 
availability in the case of a failed interface or network control point device;- 

In claim 26, the paragraph 
"(Original)" 
has been changed to 

--(Canceled) — 
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Allowable Subject Matter 

3. This action is in response to the communication dated 2/7/2007 with the 
amendments to claims 1, 17, 33 and 48, the cancellation of claims 2 and 23 and the 
addition of claim 49. 

4. Claims 1 , 3-8, 1 0-22, 24-25, 27-33 and 48-49 are allowed. 

5. The following is an examiner's statement of reasons for allowance: 

The present invention is directed to a method of implementing network security 
policies on a common network infrastructure. Different network security architectures 
such as the internal, external and DMZ architecture (see specification, page 3, line 4 - 
page 4, line 6), the concentric rings of network access control architecture (see 
specification, page 4, lines 7-28) are implemented with their drawbacks and limitations. 
According to the invention, a network security architecture can be made more efficient 
and overcome the above drawbacks and limitations (i.e. a plurality of network bubbles, 
each network bubble having a plurality of bubble partitions, each bubble partition having 
at least one network device configured to transmit and receive data, and wherein each 
of the plurality of bubble partitions is connected to at least two network control point 
devices to achieve high availability in the case of a failed interface or network control 
point device; all of the network devices corresponding to the same respective network 
bubble having unrestricted network access with each other and the same network 
security policy that controls data movement between the network devices of different 
network bubbles, and an inter-bubble device connecting the first and second network 
bubbles to one another and enforcing the network security policy of the first and second 
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network bubbles, wherein the security policy of the first network bubble is distinct from 
the security of the second network bubble" in claims 1 and 17). 

The closest prior arts, Nessett et al. (5,968,176), Segal (6,345,299), Williams 
(6,304,973) and Wesinger, Jr. et al. (6,052,788) fail to anticipate or render the above 
limitations obvious. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Minh Dieu Nguyen whose telephone number is 571-272- 
3873. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is (571) 273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov . Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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